Follow

Beware of trusted site telling you to change your password and or username. Until you’re sure you’re not being scammed, don’t fail over into the typical knee-jerk reaction and click ANY supplied links. Instead, go to the referenced site via your standard means and examine their requests to their subscribers or contact them directly and double check validity of any email supposedly sent from them.

Heart Bleed is just another common email-related phishing application, which attempts to capture access information, by spoofing you into thinking you are dealing with a trusted source. Generally any links supplied only lead their target to a malicious application. I’m sure you know the drill by now.

If it comes as email, examine the address for slight misspelling errors, etc. If it comes from a link, hover over without clicking on it or view properties of the link by right clicking to view where the link intends to take you and examine again for discrepancies.

While Heartbleed certainly is a problem, don’t panic just yet. You don’t have to change all your passwords. Additionally, you don’t need to change any passwords or PINs you use to log into a Windows PC, Mac or mobile devices. Also smart phones, tablets and personal computers were not directly affected.

Heartbleed’s intended target is secure socket layers of web based sites, email and chat servers. Most servers running Microsoft software, as well as servers utilizing standard encryption protocols, were for the most part unaffected.

The following is a list of popular sites where you may or may not need to take action:

Definitely Change your passwords

Yahoo, including Yahoo Mail and any Yahoo Group

Flickr (Yahoo subsidiary)

Tumblr (Yahoo subsidiary)

Ars Technica

IFTTT.com

Trillian

Archive.org

Dropbox

DuckDuckGo

Electronic Frontier Foundation

Etsy

Eventbrite

HideMyAss.com

LastPass

WordPress.com

WordPress.org

Wikipedia

Woot

Still vulnerable to Heartbleed. Do NOT change your password yet.

Do NOT change your password on any of these sites until they say they have been patched. Wait for the site owners to confirm their patch application. Changing your password now will only allow your new password to also be captured.

The Atlantic

Breitbart.com

The Economist

Imgur

IndieGoGo

Netflix

OK Cupid

Outbrain

Rolling Stone

Stack Overflow

Safe, no password or username changes necessary.

However, if you want to be completely sure you ARE safe, and since I tend to err on the side of caution, it wouldn’t hurt to change your password on

robg

Freelance writer and a lifelong Washington Native.
Robs articles will generally reflect a Moniker of Robbie G, in honor of his late Uncle “Doc”, who raised him for his first year of life.
He credits his writing skill to two very different, and very determined Creative Writing professors at both Bellevue Community College and Seattle University.
His career placed him in organizations such as Honeywell Aerospace, Paul Alan's Experience Music Project, Boeing Aerospace, and Microsoft.
When not running or Mountain biking, he’s usually, charting and stock trading. Rob and his wife Sandi love traveling, snowshoeing in the winter and Geo cache outings in the summer.